Protected customer data requirements implementation in an app

davut · January 21, 2025, 3:05pm

Hey all,

I was trying to publish my app but got rejected for protected customer data. I request name and email so I am in Level 2. I wonder how to implement those level 2 requirements such as staff access ( Limit staff access to protected customer data.). Any guides?
When I look for Staff GraphQL API it says

Requires read_users access scope. Also: The app must be a finance embedded app or installed on a Shopify Plus or Advanced store. Contact Shopify Support to enable this scope for your app.

That means I can’t know what is user’s role?

Liam-Shopify · January 22, 2025, 1:42pm

Hi Davut,

Just to confirm, has your app been approved to access protected customer data? The docs on this are here: Work with protected customer data

davut · January 22, 2025, 2:06pm

Hey Liam, thanks for the reply. No, that’s why I am here. I haven’t implemented almost any of the level 2 requirements.

Topic		Replies	Views
Admin Api: Getting error when trying to fetch the email field of the customer GraphQL Admin API Troubleshooting general-gql-troubles	4	23	January 29, 2025
How we can request for read_store_credit_accounts write_customers api scopes for a Shopify app GraphQL Admin API Troubleshooting general-gql-troubles	3	19	November 19, 2024
Possible to embed custom app without Shopify App store? Authentication & Access oauth , access-scopes	2	42	November 21, 2024
Can anyone make an embedded admin remix app that does not request personal data? Authentication & Access access-scopes	6	18	January 16, 2025
Issue getting pos staff accounts GraphQL Admin API Troubleshooting general-gql-troubles	3	12	January 13, 2025

Protected customer data requirements implementation in an app

Related topics